DDoS

CPDoS (Cache-Poisoned Denial-of-Service) is a zero-day DoS attack that poisons the CDN cache. By manipulating certain header requests, the attacker forces the origin server to return a Bad Request error which is stored in the CDN’s cache.

DDoS attacks are common today. Not only are they easy to do, they also offer a good ROI (return on investment) to the attacker. Even with limited resources and a small budget, one can deploy a DDoS attack onto a targeted company in a matter of minutes.

Sometimes, DDoS attacks are obvious. Most attackers are not altruistic (i.e., they’re motivated by money), and DDoS extortion is common. So, when your site goes down and then you get a ransom demand (usually payable in Bitcoin), it’s clear what is happening.

DDoS attacks can vary widely in their scale, persistence, and goals. They can also vary in their intended target: sometimes it will be a server, while at other times it will be an intermediate device such as a router or firewall. Each attack depends on the attacker’s motivation, skillset, and available resources.

Large volumes of legitimate traffic are used in volumetric attacks. In this context, “legitimate” means that each packet has correct syntax, size, etc. They comprise an attack not by their nature, but in the way they are used: to flood the target with a massive volume of requests, overwhelming the targeted system.

DDoS stands for Distributed Denial of Service. As the name implies, it is a DoS (Denial of Service) attack that originates from multiple sources simultaneously.